VERY urgent issue

Discussion in 'Computer Hardware, Devices and Accessories' started by xcalibur, Dec 1, 2007.

  1. xcalibur
    OP

    xcalibur Gbatemp's Chocolate Bear

    Member
    3,166
    4
    Jun 2, 2007
    Sacred Heart
    I don't know what the hell happened to my browser but for some reason every time I try to go to any URL via the address bar it redirects me to a blank page of which the title bar says "Error Lander"

    Here is the address bar after i try to visit my homepage :

    Code:
    http://www.megaclick.com/notfound/?lg=en&type=dns&tbtype=megaup&q=http://en-us.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    Here is my log file of hijack this :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:16, on 2007-12-02
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\LClock\lclock.exe
    C:\Program Files\miniMIZE\miniMIZE.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
    O4 - HKCU\..\Run: [miniMIZE] C:\Program Files\miniMIZE\miniMIZE.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114fd.bay114.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{891238C4-D9FD-475E-9E9E-9345A753A36C}: NameServer = 85.255.116.132,85.255.112.221
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0795492B-56A3-479B-9AFB-471AA0E778E7}: NameServer = 213.131.65.20,213.131.66.246
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 6602 bytes



    The only reason I am able to post this topic is because I'm already on GBAtemp. Apparently i can still follow around links...
     
  2. jumpman17

    jumpman17 He's a semi-aquatic egg laying mammal of action!

    Former Staff
    8,989
    174
    Apr 11, 2003
    United States
  3. xcalibur
    OP

    xcalibur Gbatemp's Chocolate Bear

    Member
    3,166
    4
    Jun 2, 2007
    Sacred Heart
  4. jumpman17

    jumpman17 He's a semi-aquatic egg laying mammal of action!

    Former Staff
    8,989
    174
    Apr 11, 2003
    United States
    Alright, from your updated post, you have a spyware program called megaclick. Have you tried running spybot and ad-aware?
     
  5. Urza

    Urza hi

    Member
    6,493
    89
    Jul 18, 2007
    United States
    Have you tried a different browser?

    Get Spybot and try running a scan with that.
     
  6. xcalibur
    OP

    xcalibur Gbatemp's Chocolate Bear

    Member
    3,166
    4
    Jun 2, 2007
    Sacred Heart
    What is spybot and ad-aware?

    Lol, just joking. I'm running them both as we speak, a full system scan so it might take a little bit.
    IE7 and MSN both don't work but Utorrent does...
    Hopefully I'll find the spyware.

    Why would someone do something like that? :'(
    Guess I'll have to spam GBAtemp while i wait. [​IMG]
     
  7. jumpman17

    jumpman17 He's a semi-aquatic egg laying mammal of action!

    Former Staff
    8,989
    174
    Apr 11, 2003
    United States
    Welcome to the internet. Make sure to run a full scan too, not a quick one. Want to make sure to search all the nook and crannies.
     
  8. Urza

    Urza hi

    Member
    6,493
    89
    Jul 18, 2007
    United States
    Do you have any antivirus software? I would recommend getting some.

    Avira for free, or nod32 for 39.99.
     
  9. xcalibur
    OP

    xcalibur Gbatemp's Chocolate Bear

    Member
    3,166
    4
    Jun 2, 2007
    Sacred Heart
    I'm using Avast at the moment, the professional version.
    Should i switch from that to nod32?
    I've heard great things from both.

    EDIT: YAY!

    Apparently Spybot and Ad-Aware found nothing but i did delete some negligable items in the Ad-Aware results screen and that seemed to have solved my problem.
    Going to go eat some pizza before turning in.
    G'nite guys.

    P.S.: PIZZA! nom nom nom nom
     
  10. jumpman17

    jumpman17 He's a semi-aquatic egg laying mammal of action!

    Former Staff
    8,989
    174
    Apr 11, 2003
    United States
    Glad you got rid of the bugger. [​IMG]